mysql: temporarily removing the root password

It's year 2010, yet there are softwares around that still expect that a database shouldn't have a root password set when you connect from localhost… And I have to install one of such softwares.

So, what to do? Well, let's assume that your mysql has a root password 'somepass'. You need to wipe it, install the software and then set it again. Luckily, that's simple:

mysql -u root mysql

type in your root password and get a


prompt. Then:

UPDATE user SET Password='' where USER='root';

Leave this window open without exiting mysql, since you'll need it in a few minutes. Now go and install that crappy software. Once finished go back to the mysql window and:

UPDATE user SET Password=PASSWORD('somepass') where USER='root';

Is this safe/secure? No, it isn't, since you are exposing your DB to a "race condition" (someone that is able to log into your machine could just make a mess of your data, or grant himself full access to the database while you are installing your software). If you need to do this securely you should either patch the crappy software and make it sane about root access to the DB, or go to the console, unplug the network cable and reboot the machine in single user mode. Your call 🙂


Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.